Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-3857 Out-of-bounds Write vulnerability in Acdsystems Canvas Draw 4.0.0
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0.
local
low complexity
acdsystems CWE-787
7.8
2018-07-19 CVE-2018-14423 Divide By Zero vulnerability in multiple products
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash).
network
low complexity
uclouvain debian CWE-369
7.5
2018-07-19 CVE-2018-5535 Improper Input Validation vulnerability in F5 products
On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of Service.
network
low complexity
f5 CWE-20
7.5
2018-07-19 CVE-2018-5534 Improper Input Validation vulnerability in F5 products
Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
network
low complexity
f5 CWE-20
7.5
2018-07-19 CVE-2018-5533 Improper Input Validation vulnerability in F5 products
Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
network
low complexity
f5 CWE-20
7.5
2018-07-19 CVE-2018-14404 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.
network
low complexity
canonical debian xmlsoft CWE-476
7.5
2018-07-19 CVE-2017-2673 Unspecified vulnerability in Redhat Openstack 10/9
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone).
network
low complexity
redhat
7.2
2018-07-19 CVE-2018-14402 Out-of-bounds Write vulnerability in Axmldec Project Axmldec 1.2.0
axmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::parse_start_namespace function in lib/jitana/util/axml_parser.cpp.
network
low complexity
axmldec-project CWE-787
7.5
2018-07-19 CVE-2018-14401 Out-of-bounds Read vulnerability in Axml Parser Project Axml Parser 20180104
CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read.
network
low complexity
axml-parser-project CWE-125
7.5
2018-07-19 CVE-2018-14370 Out-of-bounds Read vulnerability in Wireshark
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash.
network
low complexity
wireshark CWE-125
7.5